4. Libraries – Rex
• lib/rex/
• “Ruby EXploitation library”
• Basic library for most tasks
• Sockets, protocols, command shell interface
• SSL, SMB, HTTP, XOR, Base64, random text
• Intended to be useful outside of the framework
7. Libraries – MSF Core
• Auxiliary mixins make use of REX libraries
8. Where they live
• Official modules live in msf3/modules/
– Subdirectories organized by module type (exploit/, auxiliary/, post/, …)
• ~/.msf3/modules/ has the same structure, loaded at startup if it exists
9. What is an auxiliary module?
• Auxiliary – An exploit without a payload
– Underappreciated*
• Used mostly for discovery, fingerprinting, and automating tasks :-)
• Makes use of the MSF REX library and other mixins
• Uses run() instead of exploit()
10. Types of Auxiliary Modules
• Various scanners for protocols (SMB, DCERPC, HTTP)
• Network protocol “fuzzers”
• Port scanner modules
• Wireless
• IPv6
• Denial of service modules
• Server modules
• Administrative access exploits
13. Various scanners for protocols
• Designed to help with reconnaissance
• Dozens of useful service scanners
• Simple module format, easy to use
• Specify THREADS for concurrency
– Keep this under 16 for native Windows
– 256 is fine on Linux
• Uses RHOSTS instead of RHOST
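The scanner model from the slides above (run() as the entry point, RHOSTS expanded to many hosts, THREADS as the concurrency cap), sketched in plain Ruby as an added example. It is not Metasploit code and not from the original deck: ToyScanner, run_host, demo_scan and FAKE_BANNERS are hypothetical names, and the per-host probe is a stub over constructed data, so nothing touches the network.

```ruby
require 'ipaddr'

# Simplified model of a scanner-style auxiliary module (hypothetical class,
# not Metasploit code): run() walks RHOSTS and calls run_host() per address,
# with at most THREADS hosts in flight at a time.
class ToyScanner
  attr_reader :results

  def initialize(rhosts:, threads:, &probe)
    @rhosts  = rhosts            # comma/space separated addresses or CIDR blocks
    @threads = [threads, 1].max  # concurrency cap, like THREADS
    @probe   = probe             # per-host check; stubbed in this example
    @results = {}
    @lock    = Mutex.new
  end

  # Expand "10.0.0.0/30, 10.0.0.9" into individual address strings.
  def targets
    @rhosts.split(/[,\s]+/).reject(&:empty?).flat_map do |spec|
      IPAddr.new(spec).to_range.map(&:to_s)
    end
  end

  # Entry point: auxiliary modules define run(), not exploit().
  def run
    targets.each_slice(@threads) do |batch|
      batch.map { |ip| Thread.new { run_host(ip) } }.each(&:join)
    end
    results
  end

  # Per-host work; a failure on one host must not stop the sweep.
  def run_host(ip)
    banner = @probe.call(ip)
    @lock.synchronize { @results[ip] = banner } if banner
  rescue StandardError => e
    @lock.synchronize { @results[ip] = "error: #{e.class}" }
  end
end

# Constructed sample data standing in for live services (no network I/O).
FAKE_BANNERS = { '10.0.0.1' => 'SSH-2.0-OpenSSH_8.9', '10.0.0.9' => '220 ftp ready' }.freeze

def demo_scan(threads)
  ToyScanner.new(rhosts: '10.0.0.0/30, 10.0.0.9', threads: threads) do |ip|
    FAKE_BANNERS[ip]
  end.run
end
```

The result is the same whatever the thread count; only the batch size per pass changes, which is why a low THREADS value costs time rather than coverage.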